Archive: Verisign integration with installer
Verisign integration with installer
Hey,
We would like to add Verisign to our NSIS installer. I have searched online as well as on the forums for information on how to sign the installer without causing the crc check to fail.
Is there functionality for ensuring the signing process does not interfere with the crc check?
Any help would be greatly appreciated! Thanks in advance!
By default, the first 512 bytes are not checked, so that should allow digital signatures to be used.
If it doesn't work use !packhdr to change the header before the CRC is added.
Awesome, thanks for the prompt reply!
Related to this:
Is there any plugin for automating Verisign signatures at installer generationtime?
Using !packhdr in your NSIS script, you can call an application to modify the installer executable.
Can you please go into further detail on digitally signing during the compilation process? I do not understand how to do that. Or if someone knows of some kind of batch process software that will sign a bunch of files automatically, that would be great, too!
Thanks!
It is NOT called "Verisigning" ;)
Search the forum for "Authenticode" and your answer will be there.
Good luck
And since the Authenticode does a package check, no need for a crc check.
Hi Onad,
Just wanted to hop in here.
Wow, good point!
It didn't even occur to me that if I sign my binary with Authenticode, (which I have to do for my employer), that
the CRC check done by NSIS is pointless, since its already being done by Authenticode!
For big binaries, this actually makes a time difference!
Scott
signcode.exe -n "Winamp 5.33 Full" -i http://www.winamp.com -spc winampkey.spc -v winampkey.pvk -t http://timestamp.verisign.com/scripts/timstamp.dll winamp533_full.exe